[Zope] Access Control vs Publishing Protocol

[Chris Withers]

Toby Dickenson wrote:
> Those people were concerned that too many things were exposed via
> ZPublisher also.... My interpretation was that the issue is one of
> access control, not publishing protocol.

I think the issue is that you can't limit the visibility of objects
right now.
You can limit their access easily enough (or more tortuously if you
don't want people to access the bits of a page on their own
(standard_*,etc) via a complex web of proxy roles and required
permissions) but there doesn't appear to be any easy way to say "right,
I want this object exposed for reading and writing via FTP and reading
via HTTP, while this one shouldn't be URL traversable but I'd like to
edit it via WebDAV and this method is for use via XML-RPC but really
shouldn't be visible anywhere else.)

You can hack some of it with clever SiteAccess usage but it is a hard
problem. Ideally, you'd also want anything that deals with the above to
be related to user roles as well. This is because the thing which makes
the problem hard is that something like standard_html_header wants to be
editable by Managers TTW, which means it also has to be visible TTW.
However, it's probably not something you want exposed to anonymous
users, especially as a TTW enitity in its own right. objectIds is my
other favourite example ;-)

What do other peiople think? What would be the overhead of introducing
the above type of publishign restrictions?

cheers,

Chris